Mailrelay: wait for downstream response

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Mailrelay: wait for downstream response

lucas2

Hello,


I am managing a Postfix mail relay service in our internal network. The relay itself is more permissive than the downstream SMTP server. So it is possible, and indeed it regularly happens, that my relay accepts a message which is subsequently bounced by the downstream server. There is no way to inform the original sender what happened to the message after the relay accepted it.

Is it possible to delay closing the SMTP connection from the original sender until the response from the downstream server is received, and then respond accordingly in the original connection?

I could imagine this would imply some complications in terms of performance, and the question what happens if downstream is not available. But in the way it would appear the advantage of telling the original sender what happened to a message, outweighs the disadvantages.


Regards,

Lucas

Reply | Threaded
Open this post in threaded view
|

Re: Mailrelay: wait for downstream response

Demi M. Obenour
On 2020-10-01 08:19, [hidden email] wrote:

> Hello,
>
> I am managing a Postfix mail relay service in our internal network. The
> relay itself is more permissive than the downstream SMTP server. So it
> is possible, and indeed it regularly happens, that my relay accepts a
> message which is subsequently bounced by the downstream server. There is
> no way to inform the original sender what happened to the message after
> the relay accepted it.
>
> Is it possible to delay closing the SMTP connection from the original
> sender until the response from the downstream server is received, and
> then respond accordingly in the original connection?
>
> I could imagine this would imply some complications in terms of
> performance, and the question what happens if downstream is not
> available. But in the way it would appear the advantage of telling the
> original sender what happened to a message, outweighs the disadvantages.
This seems to be a job for a reverse proxy, such as NGINX (which
already supports SMTP).  NGINX is event-driven, so it can handle
thousands of connections without a significant performance hit.

> Regards,
>
> Lucas
Sincerely,

Demi


signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Mailrelay: wait for downstream response

Wietse Venema
In reply to this post by lucas2
[hidden email]:

> Hello,
>
> I am managing a Postfix mail relay service in our internal network. The
> relay itself is more permissive than the downstream SMTP server. So it
> is possible, and indeed it regularly happens, that my relay accepts a
> message which is subsequently bounced by the downstream server. There is
> no way to inform the original sender what happened to the message after
> the relay accepted it.
>
> Is it possible to delay closing the SMTP connection from the original
> sender until the response from the downstream server is received, and
> then respond accordingly in the original connection?
>
> I could imagine this would imply some complications in terms of
> performance, and the question what happens if downstream is not
> available. But in the way it would appear the advantage of telling the
> original sender what happened to a message, outweighs the disadvantages.

http://www.postfix.org/postconf.5.html#reject_unverified_recipient

        Wietse

Reply | Threaded
Open this post in threaded view
|

Re: Mailrelay: wait for downstream response

Wietse Venema
Wietse Venema:

> [hidden email]:
> > Hello,
> >
> > I am managing a Postfix mail relay service in our internal network. The
> > relay itself is more permissive than the downstream SMTP server. So it
> > is possible, and indeed it regularly happens, that my relay accepts a
> > message which is subsequently bounced by the downstream server. There is
> > no way to inform the original sender what happened to the message after
> > the relay accepted it.
> >
> > Is it possible to delay closing the SMTP connection from the original
> > sender until the response from the downstream server is received, and
> > then respond accordingly in the original connection?
> >
> > I could imagine this would imply some complications in terms of
> > performance, and the question what happens if downstream is not
> > available. But in the way it would appear the advantage of telling the
> > original sender what happened to a message, outweighs the disadvantages.
>
> http://www.postfix.org/postconf.5.html#reject_unverified_recipient

If the probkem is that the downstream system rejects email *content*
then you could configure the downstream system as an smtpd_proxy_filter:

    1.2.3.4:smtp .. .. .. .. .. .. smtpd
        -o smtpd_proxy_filter=downstream.example:25
        -o smtpd_proxy_options=

This will accept mail on IP address 1.2.3.4 port 25, and proxy it
to downstream.example port 25.

This requires a different IP address to receive other email.

        Wietse